Links for 2007-11-29 [del.icio.us]
- OAuth: Introduction
A useful summary of the OAuth initiative which sets out to allow individuals to enable access to their resources without revealing their usernames, credentials etc. Liberty Alliance has a similar set of capabilities in ID-WSF and ID-SIS - The Patrick Harding Blog
Patrick of Ping Identity discusses the relevance (or not) of user-centric ID in the enterprise). Pretty much agree with his thoughts.
Labels: MWD
Nodding about nodding dog alignment
I just came across Steve Jones' post, Nodding dog alignment - the perils of aligning to people not business, in which he points out the sad reality that many IT organisations which believe they are aligned with the business aren't actually delivering value. Why? Because they are aligning with the wrong things. Instead of focusing on business goals they focus on the individuals who have those goals with the result that: the IT department just turns into a nodding dog and says yes to all requests made by anyone who can claim to be a business person. This is what leads to hideously configured packages because "the business said so" and to a fragmented IT estate and ever increasing IT spend for ever decreasing business value.This issue is something that came out strongly in the research for our book (the perfect Christmas gift ;-) )and is reflected in two of our principles for effective IT-business alignment. First, the IT organisation must establish a peer relationship with the business, rather than a supplier-customer relationship which Steve flags. It's about shared accountability and responsibility and, in much the same way as a P2P network, involves dynamic interactions controlled through a set of protocols (or governance policies and procedures) in accordance with objectives and constraints (business goals, budgets, people in the IT-business alignment case; file downloads, network bandwidth and latency in the P2P case). Second, it's not about working on the basis of "he who shouts loudest". Rather it's about working towards a set of goals and objectives that are coordinated and agreed by the combined business and IT team. As Steve so aptly puts it:
Business alignment isn't about people alignment.Labels: alignment
Not all processes are created equal - at least under the lens of IT
Andrew McAfee at Harvard Business school poses an interesting question: do 'managers' belong on the list of knowledge workers whose jobs are being transformed by information technology?His question is prompted by a number of interesting examples of the use of IT in areas such as "fluid" building fabrication, sculpture, BMW car design and poker playing. He then goes on to describe, based on the experience of his course teaching, that most general managers do not believe that IT can help them in their roles as leaders, change agents and value generators because: until fairly recently the profession of general management was actually not one of the ones deeply affected by technology. Prior to the mid 1990s the footprint of most corporate IT -- the sphere of direct influence for a piece of technology -- was the single function or task. This made for a happy marriage between technology and knowledge workers like engineers, scientists, and analysts because these workers stayed within a single function. But general managers, by definition, do not. They're responsible for orchestrating the work of multiple groups. So from their perspective, IT was actually delegable and low level.This chimes well with some of the points we raise in our March 2005 BPM report (which will be updated next month). In it we highlight that much of IT discussion of business process is actually about the shadow that IT automation casts on real business processes. The real world of business processes is much more complicated than would appear to be case based on what IT can support. There are business processes which serve to differentiate the business and there are those that are a cost of doing business. There are business processes which support day-to-day operational activities (or single functions or tasks as Andrew refers to them); there are those that support management of those operational activities; and ultimately there are those that govern strategy. IT has historically played a prominent role in support the non-differentiating, operational processes. That role is significantly diminished when it comes to differentiating, management and strategy processes because they are more ad-hoc and collaborative and nature and depend on harnessing and exploiting a wide variety of applications and structured and unstructured information assets. Andrew believes that the emergence of ERP and the Internet has enabled a new class of business process automation which operates at the level of the organisation and so are more suited to management processes. He also believes that "Enterprise 2.0" technologies (which Angela discusses in the broader context of enterprise collaboration in her recent report), by virtue of their emergent characteristics, promise to do the same and concludes that he is: comfortable adding 'general managers' to the list of knowledge workers who have very powerful digital tools at their disposal, and who need to learn how to use them well. Does this also seem right to you?His historical analysis of business process automation certainly seems right to us and we believe that a range of new IT capabilities have the potential to shift IT's supporting role in the direction of differentiating management and strategy processes. However, it's not just about managers learning how to use them well. As we highlight in our BPM and collaboration reports (and more broadly in our analysis of IT-business alignment), these management competencies must also address a broad range of organisational, cultural and governance challenges if these innovations are to fully realise that potential. Labels: BPM, collaboration, enterprise 2.0
Who do you put in a Centre of Excellence?
I've lost count of the number of times I've seen throwaway comments exhorting companies to "create a centre of excellence (CoE" (mostly, for initiatives like SOA or BPM). Vendor / pundit / analyst / journalist: "Having trouble? Establish a centre of excellence!" Customer: "Oh, that's OK then, I'll do that." But let's take a deeper look. Quite aside from the role that one of these beasts plays (something I'll attack in a future post), what does a best practice CoE look like? From what I've seen out there in real-world implementations of SOA and BPM initiatives, I suspect that the best results come from having a good mix of responsibilities / personalities in the group. Something like an even distribution across this matrix of perspectives:  Although it's tempting to staff a CoE with good dependable technical people that you understand, you need a good mix of business-focused types and technology-focused types, because those business-focused types will help keep expectations practical, and help keep business people from outside the CoE engaged and willing to help. And it's vital to get a good mix of practical and visionary focus, because rolling out new concepts and approaches to delivering IT capabilities requires both "selling" and getting things done. That's my view. What do you think? Labels: BPM, governance, SOA
Hot off the press.. New MWD Collaboration report!
I'm pleased to announce that MWD's new report, Ideals and reality: understanding the context for your enterprise collaboration strategy, is now available for free download from our website. The report offers our perspective on the role of technology in enterprise collaboration, and highlights the key issues facing organisations looking to implement collaborative working practices. One of the most interesting messages to come out of the report is the fragmented nature of the collaboration software market today, both in terms of the breadth of tools classified as collaboration tools, and the lack of cohesion between those tools when it comes to implementing them in an enterprise setting. The lack of adequate standards for integrating the different functions - both with each other, and with organisations' existing IT environments - basically means that an organisation is left to take all the risk if it wants an integrated environment. The cost and complexity of integration, and the likely possibility that any custom integration work will need to be re-built with every new product upgrade, places additional pressures on already challenging cost justifications for collaboration. This is of course also a major issue for the software vendors, as it will serve only to dampen collaboration market growth potential. It's important for organisations and vendors alike to remember that collaboration software does not equal a collaborative working environment; there are many more factors that need to be considered. This report calls out some of the key organisational, cultural and governance challenges that organisations face in implementing collaboration - and offers advice on how to deal with them. Click here to read the report, and I welcome your comments! Labels: collaboration, integration, MWD, report
Links for 2007-11-20 [del.icio.us]
Labels: MWD
Links for 2007-11-16 [del.icio.us]
- Todd Biske: Outside the Box; Blog Archive; Driving SOA
Great comments from Todd on the latest Zapthink "flash", which posits the needs for a "VP of SOA". Presumably this is aimed at US organisations, where you can become a VP simply by having someone report to you?
- Platformonomics - Blue Haze
Charles Fitzgerald of Microsoft doesn't pull any punches when it comes to IBM's Blue Cloud: must say I share some of his obervations
Labels: MWD
Roles play a prominent role in identity management this week
Back in September Oracle announced that it had acquired privately-held Enterprise Role Management (ERM) player Bridgestream continuing its "identity management-through-acquisition" strategy. With many eyes focused on the company's Oracle Open World shindig this week, Sun also entered the fray with its plans to acquire another leader ERM independent: Vaau. Role-based access control (RBAC) is hardly new: the US' National Institute of Standards and Technology (NIST) initiated standardisation efforts back in 2000 and an ANSI/INCITS standard (359-2004 if you're that way inclined) was published in 2004. So why all this acquisition activity? As with many things identity management, it's primarily driven by compliance, with a small helping of increased operational efficiency and cost reduction. As well as promising to streamline the provisioning and de-provisioning of entitlements, roles can help organisations to define, enforce and demonstrate those entitlements to address regulatory compliance demands. The realisation of that potential, however, has proved elusive. Organisations have struggled to identify (!) the roles that they need, and inconsistent management approaches have often resulted in an explosion of roles to the point where there are as many roles as users. The likes of Bridgestream, Eurekify and Vaau, whose offerings provide role discovery, analysis, allocation and provisioning, emerged specifically to address these challenges, creating the identity management sub-market of ERM along the way. With compliance top-of-mind for many of their customers and prospects, the major identity management suite vendors who were unable to respond as rapidly as the nimble ERM start-ups quickly established partnerships and, in some cases, moved beyond the press release to actually provide pre-built integration. Sun, for example, provides bi-directional data integration with Vaau (which should help to speed up the integration process). With two of the leading ERM players now with competitors, this leaves the likes of CA and IBM in an interesting position. Their partnership teams no doubt have their eyes (and potentially their wallets) pointing in the direction of Israel, where Eurekify is based. Some of you may wonder why I didn't include Novell in this list. Had I been writing this post straight after the Sun announcement it would have been. But not long after the announcement I came across this post from an identity management group blog at Novell, which discusses how the company has been building its own role management capabilities, focused on role provisioning, exploiting its directory heritage (discussed in more detail in our assessment here) and partnership with Eurekify for role discovery and analysis. The post's author claims no knowledge of acquisition talks. Then lo and behold, and far be it from me to suggest that Sun's announcement had anything to do with the timing, the next day Novell announced its new Roles Based Provisioning Module. Of course, a Eurekify acquisition by Novell could still be on the cards, despite the blogger's ignorance of any such discussions, but it seems to me based on Novell's stated strategy that the Israeli company is more likely to end up in the arms of CA or IBM. The implications for customers are varied. Bridgestream and Vaau customers, who have plumped for a vendor other than Oracle or Sun, should be a little nervous and seeking concrete assurances regarding ongoing support. Customers of the likes of CA, IBM and Novell who are considering ERM will have to think very carefully before plumping for Bridgestream or Vaau for similar reasons. Labels: Bridgestream, Eurekify, identity, Novell, Oracle, RBAC, Sun, Vaau
Links for 2007-11-14 [del.icio.us]
Labels: MWD
Ah yes, it's BPM... but which BPM is it?
Arch BPM blogger-cum-analyst Sandy Kemsley references an interesting conversation she had with some webMethods customers at Software AG's Integration World event where the customers "pooh pooh the BPM vendors who don't provide the whole integration stack". To me, this is interesting because (as Sandy calls out) "these customers are coming from the traditional EAI-type usage of webMethods". One of the challenges in the growing market for Business Process Management (BPM) technology is the fact that there are many different technology providers bringing tools to the market, and each has its own technology background and heritage customer set with its own expectations. In truth, there isn't "one BPM". What makes things particularly challenging is that it's very difficult to find a vendor that can truly support a rich range of different types of processes from the perspective of modelling, analysis and optimisation; while at the same time supporting complicated integration requirements. The task is particularly difficult if you're looking for an elegant technology solution with no duplication (some vendors can point to good coverage of all the main functional requirements today, but they can only do this by bundling overlapping and poorly-integrated products and technologies together). It's a bit of a simplification, but broadly speaking, vendors fall into a "business process specialist" camp, where sophisticated modelling, monitoring and optimisation tools are provided; or a "process integration" specialist camp, where the main centre of gravity is being able to orchestrate services and applications in relatively sophisticated ways. The smaller, specialist vendors (such as Lombardi, Pegasystems, Singularity, Appian) fall into the former camp; the larger, generalist vendors (such as IBM, Software AG, TIBCO, Oracle) fall into the latter camp. Next spring we'll be launching a major research programme looking at the discipline of BPM and the technology you need to support it - but until then the most pithy advice I think that can be given to an organisation looking to purchase BPM technology is: Understand what, exactly, you want to do with BPM. Understand the key characteristics of the processes you're trying to improve, and equally importantly, who's driving the work - is it business people, IT people or both?Unfortunately, getting to the bottom of things is not as simple as saying "I need a human-centric BPMS" or "I need an integration-centric BPMS". UPDATE: Some folks from BEA got in touch, and asked "why isn't BPM in your list"? I had no idea I was so influential! ;-) So, for the record... BEA is an interesting BPM vendor, as it has some integration-focused history with its WebLogic Integration capabilities, but it's garnered a much more interesting position by buying former BPM specialist Fuego. It now straddles both camps - as, strictly speaking, does TIBCO (following its acquisition of Staffware). To make things fair, I should perhaps call out some other vendors not mentioned in the original list above: Adobe, Cordys, DST, EMC Documentum, Fujitsu Software, Global 360, Handysoft, Intalio, K2, MEGA, Metastorm, Microsoft, Proforma, SAP, Savvion, Ultimus, Vitria... Labels: BPM
Social graphs? Puh-lease.
There's lots of pseudo-intellectual waffle about social graphs out there at the moment, largely in relation to Facebook (and its implementation of an advertisement-supported business model based on the information it holds about people, their connections, and their interests). Can we just call it a database, and move on? Labels: Facebook, social software
Links for 2007-11-06 [del.icio.us]
Labels: MWD
Google the new Microsoft? No comparison
...at least when it comes to discussion on the web. Google announced its OpenSocial social networking API project just 5 days ago - and now the company's own search engine reports over 7,700,000 hits for "OpenSocial". And it's still alpha code! A day earlier, Microsoft announced Project Oslo. And despite the announcement being what Gavin Clarke refers to as an experience of buzzword bingo, "Microsoft Oslo" garners just 1,400,000 hits or so. OK so it's not exactly scientific. But to me at least it shows just how far Google-fixation has become the psychosis du jour of the technology industry. Labels: google, Microsoft
Links for 2007-11-04 [del.icio.us]
Labels: MWD
Links for 2007-11-03 [del.icio.us]
Labels: MWD
Links for 2007-11-02 [del.icio.us]
Labels: MWD
Links for 2007-10-31 [del.icio.us]
- Ping Identity Blog
An interesting federated identity case study involving Ping's PingFederate in the Dutch education sector
Labels: MWD
|
